CVE-2024-44300

EUVD-2024-41239
A logic issue was addressed with improved file handling. This issue is fixed in macOS Sequoia 15.2, macOS Ventura 13.7.2, macOS Sonoma 14.7.2. An app may be able to access protected user data.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
5.5 MEDIUM
LOCAL
LOW
NONE
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
CISA-ADPADP
5.5 MEDIUM
LOCAL
LOW
NONE
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: 4%
Affected Products (NVD)
VendorProductVersion
applemacos
13.0 ≤
𝑥
< 13.7.2
applemacos
14.0 ≤
𝑥
< 14.7.2
applemacos
15.0 ≤
𝑥
< 15.2
𝑥
= Vulnerable software versions
References
https://support.apple.com/en-us/121839
https://support.apple.com/en-us/121840
https://support.apple.com/en-us/121842
http://seclists.org/fulldisclosure/2024/Dec/7
http://seclists.org/fulldisclosure/2024/Dec/8
http://seclists.org/fulldisclosure/2024/Dec/9